boulder

boulder copied to clipboard

Reviewing https://github.com/letsencrypt/boulder/pull/7869/files/b7189f5c31798523fe61d1be0a40363cb9e9fa30..81b616be22710d38b2193f200f63a9c2bed86637#diff-ba4749ac861bae77ee5067820eff8d269f6ede6202108c0238a1809726d066d3R224-R236, I notice that we now have a pattern of partially initializing a struct, then validating its contents, then precomputing some internal fields: ```go lim := &limit{ burst: v.Burst,...

jsha

When initially designing account pausing/unpausing, I believe we overlooked a more applicable error that could be returned to the client. Currently we return [ProblemType("rateLimited")](https://github.com/letsencrypt/boulder/blob/ded2e5e610306700194333d7cc92e29418888975/probs/probs.go#L30), but instead I think we could...

pgporada

In https://github.com/letsencrypt/boulder/issues/6834 we added a config `NoWaitForReady` that allows gRPC requests to instantly error when there are no backends available (vs waiting for a backend and eventually reporting a timeout)....

jsha

The RA should perform any checks (is it weak? is it in the blocked-keys list? etc) on the newly-supplied key, rather than leaving that to the WFE. _Originally posted by...

jprenken

Previously, we manually parsed path components. As of Go 1.22, we can include wildcards in ServeMux patterns: https://pkg.go.dev/net/http#hdr-Patterns-ServeMux. This simplifies our parsing code a little bit. To get the values...

jsha

Similar https://github.com/letsencrypt/boulder/pull/7769, `prepAccountForDisplay` zeroes out two fields and `prepChallengeForDisplay` `nil`s a nested field, use the `-` JSON tag to omit this field.

beautifulentropy

Bumps the aws group with 3 updates in the / directory: [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2). Updates `github.com/aws/aws-sdk-go-v2` from 1.39.2 to 1.39.3 Commits b9b0c65 Release 2025-10-16 e2bc8a0 Regenerated Clients 8691ee3 Update...

dependabot[bot]

- Rename pardot-test-srv to salesforce-test-srv (this is only used in dev and staging) - Rename pardot in email/pardot.go and email/pardot_test.go to salesforce - Remove oauthAddr from salesforce-test-srv

beautifulentropy

The RA [configures its log list](https://github.com/letsencrypt/boulder/blob/01eee61012219862d8db7252fa1c099961f32603/cmd/boulder-ra/main.go#L221) based on a boolean indicating whether it should [submit to test logs](https://github.com/letsencrypt/boulder/blob/01eee61012219862d8db7252fa1c099961f32603/ctpolicy/ctconfig/ctconfig.go#L27-L29). We set that boolean to True in Staging, giving that environment access...

aarongable

In ages long past, we deleted [boulder-janitor](https://github.com/letsencrypt/boulder/commits/main/cmd/boulder-janitor) and replaced it with partman, a MariaDB partition-based system for deleting old data. With the move to Vitess, it is likely that partman...

aarongable